The trifinite.group was founded in August 2004 and is a loosely coupled group of computer experts that spend their free time for doing research in wireless communications and related areas.
Jul 2023
1 min read
Support trifinite.org via the Amazon Affiliate Program Amazon offers the possibility to pay out commissions to their partners when customers use their affiliate link before any purchase. Therefore, please make sure to check out the products on the respective page that serves your location:
Jan 2023
2 mins read
The security of Tesla’s cars has been a hot topic in recent months. In addition to being one of the safest cars on the road, it is also well-protected from hacks and attacks. But how does Tesla make sure their vehicles are safe and secure?
Jul 2022
Note: This is related to Project TEMPA. Please follow this link for an overview! The Tesla Crypto Counter Confusion attack works by impersonating a vehicle with a tool like temparary. Once the app on the owner’s phone starts communicating to the emulated BLE interface of the impersonated car, the temparary tool will request an authorization from the phone.
Note: This is related to Project TEMPA. Please follow this link for an overview! The Tesla Authorization Replay attack is using a tool like temparary in order to extract VCSEC AuthorizationResponses from a whitelisted smartphone app. For AuthorizationRequests - that are mainly used for passive entry functions - the vehicle communicates a challenge token, that the smartphone app has to answer with an AuthorizationResponse which is embedded in a VCSEC SignedMessage object that has a SIGNATURE_TYPE_AES_GCM_TOKEN SignatureType.
Jun 2022
Note: This is related to Project TEMPA. Please follow this link for an overview! The Tesla Key Drop attack works by impersonating a vehicle with a tool like temparary. Once the app on the owner’s phone starts communicating to the emulated BLE interface of the impersonated car, the temparary tool will request an authorization from the phone.